-
Notifications
You must be signed in to change notification settings - Fork 170
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix out of bounds read #507
Conversation
Please sign the commit: https://github.com/insomniacslk/dhcp/pull/507/checks?check_run_id=15096874830 Example:
|
Signed-off-by: KonnovKM <[email protected]>
Signed-off-by: KonnovKM <[email protected]>
Signed-off-by: KonnovKM <[email protected]>
Signed-off-by: KonnovKM <[email protected]>
2ab18e9
to
5bd60b5
Compare
Can you share some context on when you faced this out of bounds read? Didn't the packet have the full IP header? |
Codecov ReportPatch coverage:
Additional details and impacted files@@ Coverage Diff @@
## master #507 +/- ##
===========================================
+ Coverage 0 72.77% +72.77%
===========================================
Files 0 91 +91
Lines 0 5777 +5777
===========================================
+ Hits 0 4204 +4204
- Misses 0 1398 +1398
- Partials 0 175 +175
☔ View full report in Codecov by Sentry. |
App made dhcp requests in a mobile network and seems like received packet that caused panic. I think similar issue is mentioned in #468. |
From https://github.com/insomniacslk/dhcp/blob/master/dhcpv4/nclient4/ipv4.go#L81
|
Maybe we should add the https://github.com/google/gvisor/blob/master/pkg/tcpip/header/ipv4.go#L483 |
Signed-off-by: KonnovKM <[email protected]>
3f5d32c
to
5d50c4b
Compare
Seems like current version of PR doesn't work (it can't receive response packet after offer) |
Do you know why? |
I had such issue in old version of this PR when it was smth like
and then I removed
and it started working. So it has something to do with |
Signed-off-by: KonnovKM <[email protected]>
148879b
to
5771e16
Compare
I ran more tests and this version is actually working, previous test was misconducted |
PR fixing bug: